Inter Site Communication Between two VPN Clients Site



  • Hello everyone,

    My scenario:

    pfSense working as OpenVPN server at head office

    Site A and Site B are connecting to the OpenVPN server at head office through an OpenVPN tunnel

    Communication happening between Site A and head office and vice versa
    Similarly between Site B and head office.

    I would like to access Server at Site A from Server at Site B. (Inter Site Communication)

    Unfortunately, the option Inter Client communication is not available for OpenVPN server (Site 2 Site)

    I tried putting the Site A LAN subnet in the CSO of Site B local network in the OpenVPN server. This pushed the route to Site B. I was able to ping the server at Site A from the firewall but not from any other device at Site B.

    What am I missing? Any help?

    Regards,
    Ashima



  • You need a CSO for both sites. Consider that CSO only works with TLS auth and client certificates, and that the common name in the CSO must match the one in the cert.

    In the CSO for A enter the head office and the site B LAN subnets at "IPv4 Local Network/s" and the site A LAN at "IPv4 Remote Network/s".
    In the client config on A enter the head office and the site B LAN subnets at "IPv4 Remote network(s)".

    Configure the CSO and client for B accordingly.

    Also configure the firewall rules on each node to permit the access.

    Consider also that the operating system's firewall on the destination device may block access from the other sites.



  • Thank you @viragomann

    "In the client config on A enter the head office and the site B LAN subnets at "IPv4 Remote network(s)""

    This is what made it work. I was trying to do so since morning.

    Regards,
    Ashima
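
The rule from the answer above, generalised to any number of client sites, as an added example that is not part of the thread: it builds the field values for each site and checks that every node has a route to every other LAN, return path included. The subnets and the names `build_plan` and `missing_routes` are assumptions made for illustration.

```python
from ipaddress import ip_network

# Constructed sample subnets; the thread does not give the real ones.
LANS = {
    "HQ": ip_network("10.0.0.0/24"),  # head office, runs the OpenVPN server
    "A": ip_network("10.0.1.0/24"),
    "B": ip_network("10.0.2.0/24"),
}

def build_plan(lans, server="HQ"):
    """Field values per client site, following the rule given in the answer."""
    plan = {}
    for site, lan in lans.items():
        if site == server:
            continue
        others = sorted(net for name, net in lans.items() if name != site)
        plan[site] = {
            "cso_local": others,      # CSO "IPv4 Local Network/s"
            "cso_remote": [lan],      # CSO "IPv4 Remote Network/s"
            "client_remote": others,  # client "IPv4 Remote network(s)"
        }
    return plan

def missing_routes(lans, plan, server="HQ"):
    """List (node, subnet) pairs where a node has no route to a subnet it must reach."""
    gaps = []
    for site, cfg in plan.items():
        # A client learns routes from its own config or from the CSO push.
        known = set(cfg["client_remote"]) | set(cfg["cso_local"])
        gaps += [(site, lan) for name, lan in lans.items()
                 if name != site and lan not in known]
        # The server must map this client's LAN to its tunnel session.
        if lans[site] not in cfg["cso_remote"]:
            gaps.append((server, lans[site]))
    return gaps

if __name__ == "__main__":
    plan = build_plan(LANS)
    for site, cfg in plan.items():
        print(site, {k: [str(n) for n in v] for k, v in cfg.items()})
    # State described in the question: A's LAN added only to B's CSO.
    plan["A"]["cso_local"] = plan["A"]["client_remote"] = [LANS["HQ"]]
    plan["B"]["client_remote"] = [LANS["HQ"]]
    print("gaps:", missing_routes(LANS, plan))
```

With only B's CSO changed, the check reports that A has no route to B's LAN, which is the setting the original poster names as the fix. Routes only make the path possible; the firewall rules on each node still decide what is permitted between sites.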

